Release file check script Re: svn commit: r1799436 - /ofbiz/tools/verify-ofbiz-rele
Locked
Release file check script Re: svn commit: r1799436 - /ofbiz/tools/verify-ofbiz-rele
 
|
Hi everyone,
I've added a convenience bash script to check the release files checksums and gpg signature to the tools repository. Hope this makes life easier :-) Best regards, Michael Brohl ecomify GmbH www.ecomify.de Am 21.06.17 um 14:55 schrieb [hidden email]: > Author: mbrohl > Date: Wed Jun 21 12:55:02 2017 > New Revision: 1799436 > > URL: http://svn.apache.org/viewvc?rev=1799436&view=rev > Log: > Improved: Added a bash script to verify the release file, checking md5/sha checksums and the signature. > > Added: > ofbiz/tools/verify-ofbiz-release.sh (with props) > > Added: ofbiz/tools/verify-ofbiz-release.sh > URL: http://svn.apache.org/viewvc/ofbiz/tools/verify-ofbiz-release.sh?rev=1799436&view=auto > ============================================================================== > --- ofbiz/tools/verify-ofbiz-release.sh (added) > +++ ofbiz/tools/verify-ofbiz-release.sh Wed Jun 21 12:55:02 2017 > @@ -0,0 +1,79 @@ > +#!/bin/bash > + > +# verify-ofbiz-release.sh > +# checks the given release zip file for correct md5/SHA checksums and signing certificate > +# see https://www.apache.org/dev/release-signing.html > + > +# color definitions for output > +RED='\033[0;31m' > +GRN='\033[0;32m' > +NC='\033[0m' # No Color > + > +if [[ $# -eq 0 ]] ; then > + echo "Usage: $0 [apache-ofbiz-xx.xx.xx.zip]" > + exit 1 > +fi > + > +checkMD5() { > + file1=`gpg --print-md MD5 $1` > + file2=`cut -d* -f1 $1.md5` > + > + echo "md5 check of file: $1" > + echo "Using md5 file: $1.md5" > + echo $file1 > + echo $file2 > + > + if [ "$file1" != "$file2" ] > + then > + echo -e "${RED}md5 sums mismatch!${NC}" > + else > + echo -e "${GRN}md5 checksum OK${NC}" > + fi > + > + echo "" > + > + return 0 > +} > + > +checkSHA () { > + file1=`gpg --print-md SHA512 $1` > + file2=`cut -d* -f1 $1.sha` > + > + echo "sha check of file: $1" > + echo "Using sha file: $1.sha" > + echo $file1 > + echo $file2 > + > + if [ "$file1" != "$file2" ] > + then > + echo -e "${RED}sha sums mismatch!${NC}" > + else > + echo -e "${GRN}sha checksum OK${NC}" > + fi > + > + echo "" > + > + return 0 > +} > + > +if [ ! -f $1.md5 ]; > +then > + echo -e "${RED}skipping md5 check!${NC} (md5 checksum file $1.md5 not found)\n" > +else > + checkMD5 $1 > +fi > + > +if [ ! -f $1.sha ]; > +then > + echo -e "${RED}skipping sha check!${NC} (sha checksum file $1.sha not found)\n" > +else > + checkSHA $1 > +fi > + > +if [ ! -f $1.asc ]; > +then > + echo -e "${RED}skipping signature check!${NC} (signature file $1.asc not found)" > +else > + echo "GPG verification output" > + gpg --verify $1.asc $1 > +fi > > Propchange: ofbiz/tools/verify-ofbiz-release.sh > ------------------------------------------------------------------------------ > svn:eol-style = native > > Propchange: ofbiz/tools/verify-ofbiz-release.sh > ------------------------------------------------------------------------------ > svn:executable = * > > Propchange: ofbiz/tools/verify-ofbiz-release.sh > ------------------------------------------------------------------------------ > svn:keywords = Date Rev Author URL Id > > Propchange: ofbiz/tools/verify-ofbiz-release.sh > ------------------------------------------------------------------------------ > svn:mime-type = text/plain > > |
smime.p7s (5K)
Re: Release file check script Re: svn commit: r1799436 - /ofbiz/tools/verify-ofbiz-rele
|
|
| Free forum by Nabble | Edit this page |